
So I don't have the nl80211 driver installed. I modprobed to check for it and it's definitely not there. Now a site I came across says I should install the compat-wireless package to get the module. I'm a little timid doing this. Is that the right thing to do?


So DNS, DHCP, Apache, the IPtables redirect, even airbase-ng have all been working flawlessly for me for a while now. Everything connects and authenticates correctly.

I run into a problem when I execute the payload: it never passes 'Sending stage (723456 bytes)' inside Metasploit. I really don't know whether it's some sort of time-out problem or something in the Ruby script...

Any ideas or similar problems like this? I'm a bit stuck here.
Great job to everyone with the progression on this script. Thanks in advance.

Re: [Script] [Video] fakeAP_pwn (v0.3)

Just an FYI: when using hostap, pressing Ctrl-C to end the script doesn't clean up the interfaces and leaves mon.wlan1 (in my case). A simple fix is stopping the interface with airmon-ng stop, but if you weren't aware and went to run fakeAP_pwn again it would give an error: [-] The wireless interface wlan1, isn't correct.

Re: [Script] [Video] fakeAP_pwn (v0.3)

Originally Posted by cseven

Just an FYI: when using hostap, pressing Ctrl-C to end the script doesn't clean up the interfaces and leaves mon.wlan1 (in my case). A simple fix is stopping the interface with airmon-ng stop, but if you weren't aware and went to run fakeAP_pwn again it would give an error: [-] The wireless interface wlan1, isn't correct.

Yes, I am aware of this problem. To stop hostapd properly, just press Ctrl+C in the hostapd window, then press Ctrl+C where you ran the script.

Re: [Script] [Video] fakeAP_pwn (v0.3)

Sorry for the double post, but I've been messing around with hostapd and got it all compiled, installed, and I think configured... (done the way joker suggested)

But when I try to run the script it executes hostapd with the generated config file and outputs this error, then closes after a few seconds: rfkill: Cannot open RFKILL control device

I don't have much problem with airbase-ng regardless, but just wondering if maybe I did something wrong during installation. When I ran make install it output: "for i in hostapd hostapd_cli; do cp -f $i /usr/local/bin/$i; done"

I can run hostapd service without a problem and seems to be functional until I try the script. Thanks again.

Re: [Script] [Video] fakeAP_pwn (v0.3)

Originally Posted by parrotface

Not got my head round hostapd yet, I need to spend more time looking.
All I've done was apt-get to install. I have found the hostapd.conf but not made any changes yet.
/etc/init.d/hostapd start seems to work. If I try and use hostapd in the script it says "hostapd failed to start"
Also tried install via the script with same results.

I have changed the attacker machine to an HP laptop with Broadcom WiFi and the FreeWiFi does not show up as an AP on the target machine (another HP laptop). But using a USB adapter (zd1211) in the attack machine (wlan1) things work better. The target can connect to FreeWiFi, download and get a meterpreter session, and also shell works, but NO access to the internet.
Target gets IP 10.0.0.150 and can ping 10.0.0.1
I can also ping the router 192.168.1.250
Is this a DNS problem? But I can’t ping Google's IP.
Many thanks

With hostapd, you can't do apt-get install hostapd )=
Read Joker's reply about how to use GIT (Hopefully soon you'll be able to use the script)
Yeah, airbase-ng gives mixed results.

When you try and ping, what IP does google get? (if any?)
Can the attacker surf okay? Could you post the output from -d?

Originally Posted by Eatme

No, I have it on Transparent.
OK, it connects now... but
when I run the update file on the victim(s) machine, nothing happens...
Attacker machine just sits at: [i] Waiting for the target to run the "update" file
everything is set to:
mode:transparent
payload="vnc"

victim1 OS=Windows XP SP3 32-Bit
victim2 OS=Windows 7 64-Bit

same thing happens on both scenarios...
help, thanks.

What IP do the targets get?
Can you ping the fake AP? (10.0.0.1?)
Can you ping google? Could you post the output from -d?

Originally Posted by cseven

I'm somewhat in the same boat as I just installed hostapd and then ran the fakeAP_pwn script. What I did notice is that it says:

So I don't have the nl80211 driver installed. I modprobed to check for it and it's definitely not there. Now a site I came across says I should install the compat-wireless package to get the module. I'm a little timid doing this. Is that the right thing to do?

Looks like joker found a fix for you *and he's fixed the script too!*
I haven't yet got hostapd working (just got my laptop back), Joker understands hostapd a lot better than I do.

Originally Posted by kernel831

Well, I've been playing with this for a while now, testing on multiple clients with multiple payloads, and still have the same problem I did with 2.4 lol

I was kinda hoping this might be fixed in the update but apparently not:

So DNS, DHCP, Apache, the IPtables redirect, even airbase-ng have all been working flawlessly for me for a while now. Everything connects and authenticates correctly.

I run into a problem when I execute the payload: it never passes 'Sending stage (723456 bytes)' inside Metasploit. I really don't know whether it's some sort of time-out problem or something in the Ruby script...

Any ideas or similar problems like this? I'm a bit stuck here.
Great job to everyone with the progression on this script. Thanks in advance.

Are you using airbase-ng?
What speed does the target download the payload?
Firewalls?
How long do you wait for?

Originally Posted by cseven

You, my man, are a genius. Works perfect and is much faster than airbase-ng. Now I can play with the other settings as I have only tested the normal mode of fakeAP_pwn

Thanks!

After catching up on the replies, it's great to hear someone has it working! (=
Thanks joker

Originally Posted by cseven

Just an FYI: when using hostap, pressing Ctrl-C to end the script doesn't clean up the interfaces and leaves mon.wlan1 (in my case). A simple fix is stopping the interface with airmon-ng stop, but if you weren't aware and went to run fakeAP_pwn again it would give an error: [-] The wireless interface wlan1, isn't correct.

It's been added into the update. (=

Originally Posted by notfaded1

Thnx g0tm1lk for a saweet script and props to joker5bb for the hostapd compile tip. All of g0tm1lks links worked fine 4 me yesterday 9/14/10...

*YEY* Another one!
Thanks for the feedback. (=

Originally Posted by kernel831

Sorry for the double post, but I've been messing around with hostapd and got it all compiled, installed, and I think configured... (done the way joker suggested)

But when I try to run the script it executes hostapd with the generated config file and outputs this error, then closes after a few seconds: rfkill: Cannot open RFKILL control device

I don't have much problem with airbase-ng regardless, but just wondering if maybe I did something wrong during installation. When I ran make install it output: "for i in hostapd hostapd_cli; do cp -f $i /usr/local/bin/$i; done"

I can run hostapd service without a problem and seems to be functional until I try the script. Thanks again.

Sounds like a driver issue?
airbase-ng isn't as picky - but it's not as stable/reliable (for that reason!)
Doing a quick Google, this popped up: Rfkill Query Tool - Linux Forums